diff options
| author | sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524> | 2011-11-23 05:10:40 +0000 |
|---|---|---|
| committer | sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524> | 2011-11-23 05:10:40 +0000 |
| commit | d912bad783d0bb7538c578ce71e307f6b6b09c18 (patch) | |
| tree | 7652e543d51e63e131a971ef61aeabe83211ee70 /SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h | |
| parent | e1982d4ca9c7f337e6055fcb38931bd96f3f9903 (diff) | |
| download | edk2-platforms-d912bad783d0bb7538c578ce71e307f6b6b09c18.tar.xz | |
1. Check input PK/KEK variable data to make sure it is a valid EFI_SIGNATURE_LIST.
Signed-off-by: sfu5
Reviewed-by: gdong1
Reviewed-by : czhan46
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12765 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h')
| -rw-r--r-- | SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h index 54e2ac0a43..36ec9c10cd 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h @@ -49,6 +49,17 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. ///
#define SIGSUPPORT_NUM 2
+///
+/// Struct to record signature requirement defined by UEFI spec.
+/// For SigHeaderSize and SigDataSize, ((UINT32) ~0) means NO exact length requirement for this field.
+///
+typedef struct {
+ EFI_GUID SigType;
+ // Expected SignatureHeader size in Bytes.
+ UINT32 SigHeaderSize;
+ // Expected SignatureData size in Bytes.
+ UINT32 SigDataSize;
+} EFI_SIGNATURE_ITEM;
/**
Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS/EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
@@ -117,6 +128,26 @@ CryptLibraryInitialize ( );
/**
+ Check input data form to make sure it is a valid EFI_SIGNATURE_LIST for PK/KEK variable.
+
+ @param[in] VariableName Name of Variable to be check.
+ @param[in] VendorGuid Variable vendor GUID.
+ @param[in] Data Point to the variable data to be checked.
+ @param[in] DataSize Size of Data.
+
+ @return EFI_INVALID_PARAMETER Invalid signature list format.
+ @return EFI_SUCCESS Passed signature list format check successfully.
+
+**/
+EFI_STATUS
+CheckSignatureListFormat(
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize
+ );
+
+/**
Process variable with platform key for verification.
@param[in] VariableName Name of Variable to be found.
|